Home

Failed authentication

Submitted by h2005 on Thu, 2010-02-18 10:03

Помогите разобраться.
пытаюсь настроить ejaberd'a с аутентификацияей в LDAP.
Демон подымается.


/usr/local/sbin/ejabberdctl status
The node ejabberd@localhost is started with status: started
ejabberd 2.1.2 is running in that node

Не работает сама аутентификация в лдап, в результате:
(консоль psi)

<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl">
<not-authorized/>
</failure>

лог ежабберд

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
D(<0.274.0>:eldap:695) : {searchResDone,
                             {'LDAPResult',success,[],[],asn1_NOVALUE}}

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
D(<0.283.0>:eldap:634) : {bindRequest,
                             {'BindRequest',3,
                                 "uid=vetal,ou=Users,dc=logos,dc=local",
                                 {simple,"*****"}}}

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
D(<0.283.0>:eldap:695) : {bindResponse,
                             {'BindResponse',invalidCredentials,[],[],
                                 asn1_NOVALUE,asn1_NOVALUE}}

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
I(<0.391.0>:ejabberd_c2s:584) : ({socket_state,tls,{tlssock,#Port<0.4081>,#Port<0.4083>},<0.390.0>}) Failed authentication for vetal@example.com

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
D(<0.391.0>:ejabberd_c2s:1397) : Send XML on stream = "<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>"

При попытке авторизироваться в админке

=INFO REPORT==== 18-Feb-2010::11:41:32 ===
D(<0.274.0>:eldap:695) : {searchResDone,
                             {'LDAPResult',success,[],[],asn1_NOVALUE}}

=ERROR REPORT==== 18-Feb-2010::11:41:32 ===
W(<0.393.0>:ejabberd_web_admin:181) : Access {"vetal@example.com","*****"} failed with error: "bad-password"
{request,'GET',
         ["admin","server","example.com","acls"],
         [{nokey,[]}],
         undefined,
         {"vetal@example.com","*****"},
...

конфиг там где аут

...
{auth_method, internal}.
{auth_method, ldap}.
{ldap_servers, ["localhost"]}.    % List of LDAP servers
{ldap_base, "ou=Users,dc=logos,dc=local"}. % Search base of LDAP directory
{ldap_rootdn, "cn=Manager,dc=logos,dc=local"}. % LDAP manager
{ldap_password, "*****"}. % Password to LDAP manager
...

где копать, и чем
есть идеи?

[Разобрался сам]

Submitted by h2005 on Sun, 2010-02-21 00:27.

=INFO REPORT==== 18-Feb-2010::11:37:02 ===
D(<0.283.0>:eldap:695) : {bindResponse,
{'BindResponse',invalidCredentials,[],[],
asn1_NOVALUE,asn1_NOVALUE}}

в этом вся загвоздка
поправил права на просмотр userPassword в лдап и все заработало...

»
Syndicate content

User login